Obama just left Donald Trump a nice little inauguration present—a fresh
pack of sanctions against Russia and evidence of Russian interference
in the presidential election.

Win McNamee/Getty Images

In an executive order issued today,
President Barack Obama used his emergency powers to impose sanctions on
a number of Russian military and intelligence officials and also to
eject 35 Russians labeled by the administration as intelligence
operatives. The order was issued as a response to the breach of the
Democratic National Committee's network and the targeted intrusion into
e-mail accounts belonging to members of Hillary Clinton's presidential
campaign.

Obama made the sanctions an extension of an
April 2015 executive order "to take additional steps to deal with the
national emergency with respect to significant malicious cyber-enabled
activities."

The order is being accompanied by the
publication of data from US intelligence communities bolstering findings
that the breaches were part of an information operation to manipulate
the results of the US presidential election. The data, released by the Department of Homeland Security and Federal Bureau of Investigation
as a Joint Analysis Report (JAR), contains "declassified technical
information on Russian civilian and military intelligence services’
malicious cyber activity, to better help network defenders in the United
States and abroad identify, detect, and disrupt Russia’s global
campaign of malicious cyber activities," according to an Obama
administration statement. "The JAR includes information on computers
around the world that Russian intelligence services have co-opted
without the knowledge of their owners in order to conduct their
malicious activity in a way that makes it difficult to trace back to
Russia." Some of the data had been previously published by
cyber-security firms, but in some cases the data is newly declassified
government data.

The JAR (full text available here)
includes information that will allow security firms and companies to
identify and block malware used by Russian intelligence services, along
with a breakdown of the Russian malware operators' standard methods and
tactics. DHS has added these "indicators of compromise" to their
Automated Indicator Sharing service.

The executive order singles out the GRU (Russia's Main Intelligence Directorate), the FSB (Federal Security Service,
the successor to the KGB), Esage Lab (a Web development arm of the
Russian information security company Zorsecurity), the St.
Petersburg-based firm Special Technology Center, and Russia's
Professional Association of Designers of Data Processing Systems. It
also names four individuals: GRU chief General-Lieutenant Igor Korobov,
GRU Deputy Chief and Head of Signals Intelligence Sergey Aleksandrovich
Gizunov, and GRU First Deputy Chiefs Igor Olegovich Kostyukov and
Vladimir Stepanovich Alexseyev.

The 35 Russians ejected from the
US—individuals identified as intelligence operatives working out of the
Russian embassy in Washington and Russia's consulate in San
Francisco—were ejected not in response to the DNC and Clinton campaign
hacks, but in response to "harassment of our diplomatic personnel in
Russia by security personnel and police," according to a White House fact sheet issued on the executive order.

In addition to those explicitly named by the order, Obama's order applies to:

…any person determined by the
Secretary of the Treasury, in consultation with the Attorney General and
the Secretary of State, to be responsible for or complicit in, or to
have engaged in, directly or indirectly, cyberenabled activities
originating from, or directed by persons located, in whole or in
substantial part, outside the United States that are reasonably likely
to result in, or have materially contributed to, a significant threat to
the national security, foreign policy, or economic health or financial
stability of the United States and that have the purpose or effect of …
tampering with, altering, or causing a misappropriation of information
with the purpose or effect of interfering with or undermining election
processes or institutions.

That could, if pressed aggressively, apply to a
very large swath of individuals, including operators of "fake news"
sites and others involved tangentially in the distribution of
information that may be seen as intended to interfere with
elections—including the still-unidentified individuals involved in
hacking two state election commission websites. But many of the
organizations in Russia that might fall under this banner are already
under US sanctions.

Just how aggressively these measures will be
pressed will be left largely to the incoming Trump administration.
President-elect Trump will find himself in a position of having to
outright dismiss the evidence presented by the FBI and DHS in order to
rescind the sanctions entirely. But Trump has already shrugged off "the
cyber" on several occasions during the transition. On December 28, Trump
responded to a question about possible sanctions over the hacking:

I think we ought to get on with
our lives. I think that computers have complicated lives very greatly.
The whole age of computer has made it where nobody knows exactly what is
going on. We have speed, we have a lot of other things, but I’m not
sure we have the kind, the security we need.